Python as client-side browser script language

Greg Ewing greg at cosc.canterbury.ac.nz
Thu Jun 2 04:32:46 CEST 2005


Paul Rubin wrote:

> Huh?  The language itself has to provide the sandbox.  
> Remember that scripts have to be able to see
> certain DOM elements but not others, and some of them have to be
> read-only, etc.

If the DOM objects are implemented as built-in Python
types, there shouldn't be any difficulty with that.
Python objects have complete control over which attributes
can be read or written by Python code.

That, together with restricting what the open() function
can do, ought to provide a pretty good sandbox.

-- 
Greg Ewing, Computer Science Dept,
University of Canterbury,	
Christchurch, New Zealand
http://www.cosc.canterbury.ac.nz/~greg



More information about the Python-list mailing list